Validate service_id against an empty symbol in registration and pricing entrypoints #112

Description

@mikewheeleer

Reject an empty service_id symbol across the service-scoped entrypoints

The service-scoped entrypoints in contracts/escrow/src/lib.rs (register_service, register_service_with_metadata, set_service_price, set_service_metadata, set_service_disabled) accept any Symbol as service_id, including the empty symbol. An empty service_id is almost certainly a client bug (an unset configuration field), yet it silently creates real registry/price/metadata entries under a meaningless key, which then accrue usage and rent and confuse dashboards. This issue rejects the empty symbol so a misconfiguration fails loudly instead of polluting state.

Requirements and context

  • Repository scope: Agentpay-Org/Agentpay-contracts only.
  • Add a shared private check that rejects an empty service_id (length 0) with a new InvalidServiceId error (next free code, append-only), and apply it at the start of every service-mutating entrypoint listed above.
  • Decide and document whether record_usage should also reject an empty service_id (recommended for consistency) and apply it there if so.
  • Keep the check before any storage write so a bad id never lands on-chain; do not change behaviour for any non-empty id.
  • Reuse a single helper so the rule cannot drift across entrypoints.

Suggested execution

  • Fork the repo and create a branch
  • git checkout -b security/contracts-reject-empty-service-id
  • Implement changes
    • Write code in: contracts/escrow/src/lib.rs — shared empty-id guard + new error variant, applied to the service entrypoints.
    • Write comprehensive tests in: contracts/escrow/src/test.rs — empty id rejected at each entrypoint, non-empty id still works, no partial write on rejection.
    • Add documentation: document the empty-id rejection in README.md.
    • Include NatSpec-style doc comments (///) matching the existing style in lib.rs.
    • Validate security: state cannot be polluted with a meaningless key.
  • Test and commit

Test and commit

  • Run cargo fmt --all -- --check, cargo build, and cargo test.
  • Cover edge cases: empty id at register/price/metadata/disable, a one-char id accepted, record_usage with empty id (per the documented decision).
  • Include the full cargo test output and a short security notes section in the PR description.
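The shape the requirements above ask for (one shared guard, a new append-only error variant, the guard called before any storage write in every service entrypoint, and the empty-id/one-char-id/record_usage cases from the test list), as an added stand-alone model. This is not the AgentPay escrow contract and does not use soroban_sdk: storage is a BTreeMap, service_id is a &str rather than a Symbol, the error codes are placeholders, and the entrypoint parameters are simplified assumptions. What it demonstrates is the ordering (guard first, then the storage read/write) and that a rejected call leaves no partial write behind.

```rust
// Stand-alone model of the empty-service_id guard, added for illustration.
// Not the project's code: BTreeMap stands in for contract storage and &str
// for Symbol; error codes and parameters are assumptions.
use std::collections::BTreeMap;

/// Contract-style error codes. The enum is append-only, so the new variant
/// takes the next free code; 3 is a placeholder, not the real project's value.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
#[repr(u32)]
pub enum Error {
    AlreadyRegistered = 1,
    NotRegistered = 2,
    InvalidServiceId = 3,
}

#[derive(Debug, Clone, Default, PartialEq, Eq)]
pub struct ServiceRecord {
    pub price: u64,
    pub metadata: String,
    pub disabled: bool,
    pub usage: u64,
}

#[derive(Default)]
pub struct EscrowModel {
    services: BTreeMap<String, ServiceRecord>,
}

/// Shared guard: rejects the empty id (length 0). Every service-mutating
/// entrypoint calls this first, so the rule cannot drift across entrypoints.
fn require_valid_service_id(service_id: &str) -> Result<(), Error> {
    if service_id.is_empty() {
        return Err(Error::InvalidServiceId);
    }
    Ok(())
}

impl EscrowModel {
    pub fn new() -> Self { Self::default() }

    /// Guard runs before the duplicate check and before the insert, so a
    /// rejected call never touches storage.
    pub fn register_service(&mut self, service_id: &str, price: u64) -> Result<(), Error> {
        require_valid_service_id(service_id)?;
        if self.services.contains_key(service_id) {
            return Err(Error::AlreadyRegistered);
        }
        self.services.insert(service_id.to_string(), ServiceRecord { price, ..Default::default() });
        Ok(())
    }

    /// Reuses register_service, so it inherits the guard rather than repeating it.
    pub fn register_service_with_metadata(&mut self, service_id: &str, price: u64, metadata: &str) -> Result<(), Error> {
        self.register_service(service_id, price)?;
        self.services.get_mut(service_id).expect("just inserted").metadata = metadata.to_string();
        Ok(())
    }

    /// Guard, then lookup: an empty id is rejected before any storage read.
    fn existing(&mut self, service_id: &str) -> Result<&mut ServiceRecord, Error> {
        require_valid_service_id(service_id)?;
        self.services.get_mut(service_id).ok_or(Error::NotRegistered)
    }

    pub fn set_service_price(&mut self, service_id: &str, price: u64) -> Result<(), Error> {
        self.existing(service_id)?.price = price;
        Ok(())
    }

    pub fn set_service_metadata(&mut self, service_id: &str, metadata: &str) -> Result<(), Error> {
        self.existing(service_id)?.metadata = metadata.to_string();
        Ok(())
    }

    pub fn set_service_disabled(&mut self, service_id: &str, disabled: bool) -> Result<(), Error> {
        self.existing(service_id)?.disabled = disabled;
        Ok(())
    }

    /// Decision modelled here: record_usage also rejects the empty id, so
    /// usage can never accrue under a meaningless key. Returns the new total.
    pub fn record_usage(&mut self, service_id: &str, units: u64) -> Result<u64, Error> {
        let rec = self.existing(service_id)?;
        rec.usage += units;
        Ok(rec.usage)
    }

    pub fn service_count(&self) -> usize { self.services.len() }

    pub fn get(&self, service_id: &str) -> Option<&ServiceRecord> { self.services.get(service_id) }
}

fn main() {
    let mut m = EscrowModel::new();
    println!("{:?}", m.register_service("", 10));       // Err(InvalidServiceId), nothing written
    println!("{:?}", m.register_service("a", 10));      // Ok(()), a one-char id is accepted
    println!("services stored: {}", m.service_count()); // 1
}
```

The "no partial write on rejection" property falls out of the ordering: because the guard is the first statement of every entrypoint (directly, or through the shared `existing` lookup), there is no code path that reaches an insert or a field update with an empty id, which is what the tests in contracts/escrow/src/test.rs should assert against real contract storage.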

Example commit message

security: reject empty service_id in registration and pricing entrypoints

Guidelines

  • Minimum 95 percent test coverage for impacted modules.
  • Clear, reviewer-focused documentation.
  • Timeframe: 96 hours.

Community & contribution rewards

  • 💬 Join the AgentPay community on Discord for questions, reviews, and faster merges: https://discord.gg/eXvRKkgcv
  • ⭐ This is a GrantFox OSS / Official Campaign task and may be rewarded. When your PR is merged you'll be prompted to rate the project — if this issue and the maintainers helped you ship, we'd be grateful for a 5-star rating. Clear questions in Discord and tidy, well-tested PRs are the fastest path to a merge and a reward.
